Single sign-on (SSO) for a Postman team is configured by a Team Admin. To configure SSO for a team, add an authentication method, and then configure the identity provider (IdP) details.
To learn more about the user experience, see Signing in to an SSO team.
To begin adding an authentication method, do the following:
Go to Team Settings, then select Authentication.
Select Add Authentication Method.
Select the authentication type.
Enter an authentication name that's identifiable to your team.
Select Continue to configure the IdP details.
Always check with your authentication provider dashboard or your IT support staff for the correct information to configure SSO.
After adding the authentication method, you can configure the IdP details.
To configure the IdP details later, select Configure Later. When you're ready to continue configuring the IdP details, see Editing SSO settings.
In the Service provider details (Postman) section, the Entity ID, Login URL, and ACS URL are already populated.
Fill in the Identity provider details section. From your IdP account, enter your SSO URL, Identity provider issuer, and X.509 Certificate. Instead, you can upload a metadata file to configure the IdP details in one step.
To enter details in the Identity provider details section, you must sign in to your IdP account and get the details. Refer to the corresponding section of the documentation and follow the outlined procedure there:
Optionally, you can select the Automatically add new users checkbox if you want users to automatically join your team. The first time users sign in to Postman using this authentication method they will automatically join the team.
After configuring the authentication method for your Postman team, you can select the Status toggle to turn it on or off. This is a team-level option, so this setting applies to the whole team.
To update the settings for an authentication method, select Edit, then select Continue.
To delete an authentication method, select Edit, then select Delete.
The first time a new Postman user signs in to Postman using the authentication method, a Postman account is created and the user is automatically added to the team if the following is true: the team has seats available and the Automatically add new users checkbox was selected during authentication method configuration.
The user will be automatically associated to the team with a Developer role and have access to team resources.
If the required conditions aren't met to automatically join the team, all Team Admins will receive your request to join the team.
The first time an existing Postman user signs in to Postman using the authentication method, the user is automatically added to the team if one of the following is true:
The user will be automatically associated to the team with a Developer role and have access to team resources.
If the required conditions aren't met to automatically join the team, all Team Admins will receive your request to join the team.
The Automatically add new users checkbox in your authentication method determines whether users with accounts in your IdP can automatically join your team. Sign in to Postman using the authentication method to automatically join the team.
Automatically add new users will only work if your team has user seats available. Your team size won't automatically increase if more users sign in with SSO.
By default, Postman only supports Service Provider (Postman)-initiated sign-ins for Postman Enterprise teams. Your team must sign in to Postman using the authentication method. If you require users to sign in using an IdP-initiated sign-in from your SSO portal, you can generate and copy the Relay state from your authentication method, and then save it in your IdP configuration. This ensures an extra level of security when the sign-in process is initiated through a source unknown to Postman.
You must remove users from your team in Postman to prevent access to shared resources. When you remove a user from your team, you'll still retain access to any data they have shared with the team. You'll also be able to reassign their personal workspaces and the data within them to a remaining team member in some situations. To learn more, see Removing team members.
Learn more about common SSO issues and how to troubleshoot them.
If you experience an error after signing in to Postman using SSO, see the following errors and possible solutions:
For more common SSO issues, see the following:
Now that you've set up SSO for your team, you might be interested in learning about how your team will interact with SSO and continuing on with SCIM provisioning.
Last modified: 2024/07/24